VULNERABILITY_PATTERNS = {
    'sql_injection': {
        'patterns': [
            r'(?i)SELECT.*FROM.*WHERE.*=\s*[\'"].*[\'"]\s*\+',
            r'(?i)INSERT\s+INTO.*VALUES.*\+',
            r'(?i)UPDATE.*SET.*=.*\+',
            r'(?i)DELETE\s+FROM.*WHERE.*=.*\+'
        ],
        'risk_level': 'high',
        'description': 'SQL注入漏洞'
    },
    'xss': {
        'patterns': [
            r'(?i)innerHTML\s*=',
            r'(?i)document\.write\(',
            r'(?i)eval\(',
            r'(?i)<script[^>]*>.*</script>'
        ],
        'risk_level': 'high',
        'description': 'XSS跨站脚本漏洞'
    },
    # 添加更多漏洞特征...
} 